perl 5.30.0-9ubuntu0.2 source package in Ubuntu
Changelog
perl (5.30.0-9ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in regex compiler
- debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow
from nested regex quantifiers in regcomp.c.
- CVE-2020-10543
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-10878-1.patch: extract
rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c.
- debian/patches/fixes/CVE-2020-10878-2.patch: use long jumps if there
is any possibility of overflow in regcomp.c.
- CVE-2020-10878
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp
program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c,
t/re/pat.t.
- CVE-2020-12723
-- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:56:54 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- perl
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| perl_5.30.0.orig-regen-configure.tar.gz | 813.7 KiB | fc55a7309f9e2c404119b005774fc85a8488bad047aee611d17bbe2d608bf4de |
| perl_5.30.0.orig.tar.xz | 11.8 MiB | ac501cad4af904d33370a9ea39dbb7a8ad4cb19bc7bc8a9c17d8dc3e81ef6306 |
| perl_5.30.0-9ubuntu0.2.debian.tar.xz | 163.3 KiB | 77bb56062508bcb87bf73dbe826fe48474780a79f95cb8129144e498c02a672a |
| perl_5.30.0-9ubuntu0.2.dsc | 2.9 KiB | 24f8c2b782343bcf58d1487542face24600bc805167d1a2ed5d27d738c4a0e81 |
Available diffs
Binary packages built by this source
- libperl-dev: Perl library: development files
Files for developing applications which embed a Perl interpreter.
- libperl5.30: shared Perl library
This package contains the shared Perl library, used by applications
which embed a Perl interpreter.
.
It also contains the architecture-dependent parts of the standard
library (and depends on perl-modules-5.30 which contains the
architecture-independent parts).
- perl: Larry Wall's Practical Extraction and Report Language
Perl is a highly capable, feature-rich programming language with over
20 years of development. Perl 5 runs on over 100 platforms from
portables to mainframes. Perl is suitable for both rapid prototyping
and large scale development projects.
.
Perl 5 supports many programming styles, including procedural,
functional, and object-oriented. In addition to this, it is supported
by an ever-growing collection of reusable modules which accelerate
development. Some of these modules include Web frameworks, database
integration, networking protocols, and encryption. Perl provides
interfaces to C and C++ for custom extension development.
- perl-base: minimal Perl system
Perl is a scripting language used in many system scripts and utilities.
.
This package provides a Perl interpreter and the small subset of the
standard run-time library required to perform basic tasks. For a full
Perl installation, install "perl" (and its dependencies, "perl-modules-5.30"
and "perl-doc").
- perl-debug: debug-enabled Perl interpreter
debugperl provides a debug-enabled version of Perl which can produce
extensive information about the interpreter as it compiles and executes
a program (see the -D switch in perlrun(1)).
.
Note that this package is primarily of use in debugging *Perl* rather
than perl programs, which may be traced/debugged using the standard
perl binary using the -d switch (see perldebug(1)).
.
In addition, this package also includes debugging information for the normal
Perl interpreter.
- perl-doc: Perl documentation
Perl manual pages, POD documentation and the `perldoc' program. If you are
writing Perl programs, you almost certainly need this.
- perl-modules-5.30: Core Perl modules
Architecture independent Perl modules. These modules are part of Perl and
required if the `perl' package is installed.
.
Note that this package only exists to save archive space and should be
considered an internal implementation detail of the `perl' package.
Other packages should not depend on `perl-modules-5.30' directly, they
should use `perl' (which depends on `perl-modules-5.30') instead.
